China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)

aws.amazon.com

China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)

aws.amazon.com

digicatM to

blueteamsecEnglish · 5 days ago

China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182) | Amazon Web Services

aws.amazon.com

Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December 3, 2025, Amazon threat intelligence teams observed active exploitation attempts by multiple China state-nexus threat groups, including Earth Lamia and Jackpot Panda. This critical vulnerability in React Server Components has a maximum Common Vulnerability Scoring System (CVSS) score of 10.0 and affects React versions […]

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

8 users / day
74 users / week
186 users / month
794 users / 6 months
217 local subscribers
562 subscribers
1.57K Posts
123 Comments
Modlog

mods:
digicat